Honest ideals on strand spaces

In security protocol analysis, it is important to learn general principles that limit the abilities of an attacker and that can be applied repeatedly to a variety of protocols. The authors introduce the notion of an ideal (a set of messages closed under encryption and invariant under composition with arbitrary messages) to express such principles. In conjunction with the strand space formalism, they use the concept of ideals to prove bounds on a penetrator's capabilities, independent of the security protocol being analyzed. From this they prove a number of correctness properties of the Otway-Rees protocol, using these results to explain the limitations of the protocol.
